I think the original question was should web servers have anti virus
installed on them? The answer is always yes. How the anti virus program is
configured is another question. Some web application servers will
occasionally exclude certain fiel extensions or directories to improve
performance or only check files that change. Let's also address the root
cause of most system compromises, incorrect configurations. An incorrectly
configured web server with anti virus is just as vulnerable as a correctly
configured web server without anti virus. Everyone has also made some very
excellent points as well. Good topic.
-----Original Message-----
From: Shyaam [mailto:shyaam@gmail.com]
Sent: Monday, July 18, 2005 11:20 AM
To: ssgill@gilltechnologies.com
Cc: focus-ms@securityfocus.com
Subject: Re: Should webservers, eg. IIS 6 have anti--virus installed on
them?
According to my level of knowledge(which is very minimal, in this
especially), I would say that a web server should be patched well
first. the anti-virus is a secondary issue. Ofcourse, you need an
antivirus too, but there should always be good patches implemented
which checks for the latest signatures.
--Shyaam
On 7/17/05, Sarbjit Singh Gill <ssgill@gilltechnologies.com> wrote:
Greetings
Should IIS have anti-virus installed on them. I know I would do it for a
fileserver but for IIS, I rather lock it down.
Thanks.
/Gill
---------------------------------------------------------------------------
---------------------------------------------------------------------------
--
Thank you in advance for your time and consideration.
Yours Sincerely,
R.S.Shyaam Sundhar
---------------------------------------------------------------------------
---------------------------------------------------------------------------
---------------------------------------------------------------------------
---------------------------------------------------------------------------
